Synced Info from AD on prem to Azure User Profiles

Question

I need to setup an Enterprise Application in Entra for a SAML/SSO. One of the requirements of the vendor is that we use the ID# of the student as the unique field. We have a hybrid environment. Currently, we typically use an onpremname as the unique field. That said, each user is assigned an ID#, but it is not showing up in Entra under the user's profile properties. I believe from what I see in AD that it is actually being synced, but is potentially just a hidden property. Does anyone know how I can find hidden properties in Entra user properties so I can verify exactly what fieldname it is being synced to in order to setup with app?

Thanks!

Answer 1

Hello @Tara Johanneson
Thank you for reaching out Microsoft Q&A platform.
I understand that you want to find hidden properties in Microsoft Entra user profiles, you can use Microsoft Graph API to retrieve the full set of attributes associated with a user. This includes both visible and hidden properties.
Custom attributes, such as extension attributes synced from on-premises to Azure AD, will not be directly visible in the Entra portal’s user profile UI. To access these attributes, you’ll need to use PowerShell or the Microsoft Graph API.
Try using the Microsoft Graph GET endpoint to retrieve the information.

GET https://graph.microsoft.com/v1.0/users/{user-id} where {id} is the user's unique identifier. This will return all properties of the user.
For additional information refer this Document: https://learn.microsoft.com/en-us/graph/api/resources/profile-example?view=graph-rest-beta

Hope this helps. Do let us know if you any further queries.